<?php
include("_mysql.php");
include("_settings.php");
include("_functions.php");

$username = $_POST['ws_user'];
$password = md5(stripslashes($_POST['ws_pwd']));
$error = 'Unknown error';
$user = safe_query("SELECT * FROM ".PREFIX."user WHERE username='".$username."'");
if(mysql_num_rows($user))
{
$ds = mysql_fetch_array($user);
if($password == $ds['password'])
{
$_SESSION['ws_auth'] = $ds['userID'].":".$password;
$_SESSION['ws_lastlogin'] = $ds['lastlogin'];
$_SESSION['referer'] = $_SERVER['HTTP_REFERER'];
		
setcookie("ws_auth", $ds['userID'].":".$password, time()+(360*360*360));
$userID = $ds['userID'];
$loggedin = 1;
$error = 'OK';
}
else
$error = 'Wrong username or password';
}
else
$error = 'Wrong username or password';

redirect('index.php','',0);



?>